mliu writes: The New York Police Dept has long denied the existence of quotas in arrests. However, as making a recording in NY only requires a single party's consent, a Brooklyn cop carried a digital voice recorder with him and surreptitiously recorded his superior and fellow cops as he went about his job. The recordings reveal that in addition to quotas backed by threat of discipline, the cops also were pressured to suppress attempts to report crimes in order to make crime statistics appear more favorable for the department and the mayor. As the article describes, this perfectly dovetails a survey released earlier this year wherein retired NYPD supervisors described "intense pressure" to show declines in crime by manipulating statistics. After his whistle blowing, his commander had him forcibly committed to a mental ward.

The issue is how to fairly collect taxes to pay for maintenance of roads and highways. How do we make those who use public roads and highways the most pay the most for their maintenance? Using GPS data to determine this is a poor solution.
An good solution is to build the increased cost of road maintenance into a tax for new tires sold for on road use in the United States.

Posted
by
timothy
on Thursday March 19, 2009 @04:49PM
from the when-you-can-snatch-this-pebble-from-my-hand dept.

neersign writes "March Madness is here and NCAA.com is streaming all of the games over the internet for free. The downside is they are using Microsoft technologies to do so. The standard player lists Windows XP/Vista, IE6, and WMP 9 as the base requirements. The High Quality Video Player requires Silverlight 2. So my question is: how would a Linux user be able to work around these requirements and watch the games?"

Posted
by
timothy
on Thursday March 19, 2009 @12:18PM
from the they-never-offer-the-purple-pill dept.

Eukariote writes "A paper and exploit code detailing a privilege escalation attack on Intel CPUs has just been published. The vulnerability, uncovered by security researchers Joanna Rutkowska (of Blue Pill fame), Rafal Wojtczuk, and, independently, Loic Duflot, makes use of Intel's System Management Mode (SMM). Quote: "The attack allows for privilege escalation from Ring 0 to the SMM on many recent motherboards with Intel CPUs. Rafal implemented a working exploit with code execution in SMM." The implications of this exploit are severe."

People aren't spending money unless they have to (check the government's December retail sales report if you don't believe me). When people are forced to buy a new computer do you think they'll buy a $700 Dell or a $1400 Apple when both have the exact same hardware specifications? Sure the Apple looks prettier and the OS is superior to Windows, but for $700 more? In difficult financial times the value isn't there for most people. As a result I see Apple's recent market share gains retreating rapidly as the recession lingers.

januth writes: I just finished reading about
this incident, in which a St. George, Missouri police officer was caught on
a motorist's personal dashcam threatening to invent charges to arrest him even though the motorist had done nothing
wrong.

"The incident began at around 2am. Darrow [the motorist] was to meet a
friend who was working late and was going to pick him up. Darrow headed toward a
24-hour commuter parking lot in an unincorporated part of Saint Louis County in
his 1997 Nissan Maxima. He put on his turn signal and entered the lot which,
aside from Kuehnlein's cruiser, was essentially vacant. After stopping the car,
the police officer approached and began questioning Darrow about what he was
doing. When Darrow declined to discuss his personal business, the police
sergeant exploded. Although the video clearly shows Darrow driving properly and
using his turn signal, the police officer insisted that Darrow had broken the
law."

Had Darrow not had his own video camera running it would
have been his word against the police officer's. He has had
another interesting
run-in with the police that he captured on video as well. In both
cases he's merely asking the questions any citizen should be able to ask of a
police officer. In both cases, the police do not respond well.

cpm80 writes: "I logged onto Yahoo mail today and noticed a message at the bottom of the screen stating "Thanks for being a Yahoo! Power Mailer", which means I can send up to 20MB per email message at get free IM based support. At first I was worried that I had inadvertently signed up to pay Yahoo! $$$ and it was going to be a pain to get out of the contract. After some Googling I noticed a blog entry from last week — http://www.tribbleagency.com/?p=328. I agree with the founder at Tribble Ad Agency that it's just a marketing gimmick, but am worried that because Yahoo! couldn't be this stupid, or expect their customers to be, I'm missing something important?"

Actually, I do RTFA writes: A short while ago, slashdot featured an article about possible criminal prosecution for people who took advantage of faulty slot machine software. At the time, many people drew an analogy to an ATM that dispensed too much money. Well, apparently, that too may result in criminal charges. Interestingly, although they suspect that someone may have tampered with the ATM, they are considering charging anyone who withdrew money from the ATM.

This also provides an interesting rejoinder to 'if they can build a secure ATM, why cannot Diebold build a secure electronic voting machine.'

pschmied writes: Today the Étoilé Project released v0.2 of its Desktop Environment. Not only does Étoilé share user interface similarities with Mac OS X, Étoilé enjoys some source-level compatibility with Mac OS X as well. Many Slashdotters undoubtedly remember NeXT, the revolutionary computer / development environment that gave rise to the first web browser and later became the foundation of Mac OS X. Étoilé uses the FSF's own implementation of the NeXT development environment, GNUStep, making this a close technological relative of OS X. Screenshots and a source tarball are available.

prostoalex writes: "The Globe and Mail is reporting on a feud between two members of a picture-sharing site that motivated one of the opponents to drive down to Texas from Virginia, meanwhile taking photos of his trip and sharing them on aforementioned picture-sharing site, to burn the victim's house down: "Investigators say Tavares boiled over when Anderson called him a nerd and posted a digitally altered photo making Tavares look like a skinny boy in high-water pants, holding a gun and a laptop under a "Revenge of the Nerds" sign. Tavares obtained Anderson's real name and hometown from Anderson's Web page about his Museum of Horrors Haunted House. Tavares took leave from his post as a weapons systems operator at the AEGIS Training and Readiness Center in Dahlgren, Va., and started driving. Investigators say he told them he planned to point a shotgun at Anderson and shoot his computer.""

pestilence669 writes: "An alarming number of kiosks and ATMs (like the V-Com units in 7-11) run Windows XP. I've recently made it a hobby to play minesweeper and surf the web on these units. Most, if not all, are connected to the Internet. BitTorrent from an ATM? It's easier than you think! Gaining control is as simple as five keystrokes.

The companies that build ATMs and kiosks seem to know nothing about keyboard shortcuts. If there's a keyboard attached, you can bet that they removed the TAB key to prevent ALT+TAB abuses. Little do they know, ALT+TAB is not the only way to lose focus for an application.

If you're a fast typer like me, you've probably been greeted with the Microsoft sticky keys dialog. It asks you if you want to enable "sticky keys." It's a usability feature that helps disabled individuals type with one hand. Sadly, it's pseudo-enabled by default since this dialog box appears. Most people don't know it, so it's ready to be abused on just about every production XP-based kiosk or ATM (with keyboard).

All that needs to be done: hit the SHIFT key five times. SHIFT is guaranteed to be included in even the most restrictive keyboard layouts. In almost every instance, the sticky keys dialogs appears. As the kiosk or ATM application looses focus, you'll be presented with the XP start menu in the background. Many of these machines use a complete install with Minesweeper, Hearts, Internet Explorer and Outlook Express. Fun!!!

I've made it a regular habit to browse Slashdot, send email, and surf blogs from just about any kiosk that I find. Whenever my wife uses the bathroom at Dave & Busters, I'm reading blogs in the lobby. Whenever I'm at 7-11, I'm surfing with the ATM.

What's really scary about all of this is how easy it is to install executable code onto these devices. They're on the Internet and they have local storage. As far as I can tell, in my own experience, there are no restrictions in place. What's to stop someone from installing their own COM/ActiveX "helper" object and intercepting all HTTP/bank traffic?"

An anonymous reader writes: Over 5000 aspiring lawyers who took the New York bar examination on laptops using windows, word and a software from a company called SecureExam ended up with lost essays and computer problems. The New York Board of Bar Examiners released a statement and the company responsible released a second statement. Possibilities at this point might entail a software company being held liable for licensed software under a EULA for the first time. Bar examinations in Georgia reportedly had problems as well. It seems the software created a single file with all the answers and either discarded the file rather than upload it or mixed parts of the essays together.

CmputrAce writes: Well, it's here now. The #iphone-dev team has compiled the first third-party application for the iPhone. Of course, it is the standard "Hello, world." application, but it's native to the iPhone and uses the iPhone's GUI. This opens up the iPhone for development by anyone who can forge through the process of cracking the iPhone, installing the iPhone "Toolchain", writing an application, compiling, translating, and finally installing the application to the iPhone. With the pace of development at present, expect to see commercial "jailbreak" (mod-enabling) applications soon as well. You can already get high-quality applications (Mac) to theme the iPhone and add your own ring tones (Win) for the phone.

An anonymous reader writes: A new XSS vulnerability was found in Facebook, allowing executable code to be injected in a user's profile; this compromises the security of both the profile owner and all profile viewers. The article includes a sketch of the attack, a white paper that gives a detailed explanation of how such an attack can be used, and a video demo. Facebook is set up so that once a single hidden value has been obtained, any form can be submitted with that user's credentials. One would think that XSS vulnerabilities are common and serious enough that Facebook would have set up their site so that the entire site is not laid open by a single attack. (The article does not disclose the location of the XSS hole since it has not yet been patched.)